The vulnerability in SecureBoot could threaten the majority of laptops, workstations, desktops and servers.
Eclypsium, a security research firm, discovered the vulnerability, named BootHole. It affects most Linux distributions and Windows devices that use the UEFI specification during boot.
What is BootHole?
CVE-2020-10713, dubbed BootHole, received a high CVSS score of 8.6. The bug was found in GRUB2, a standard bootloader for Linux systems.
The GRUB2 configuration file is a text file and, unlike other files and executables, usually isn’t signed. Due to this flaw, BootHole allows an attacker to insert and execute malicious code during the boot-loading process and so plant code that has full control of the OS.
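Because the configuration file is not covered by a signature, changes to it have to be detected some other way. The shell script below is an added example, not code from Eclypsium or the GRUB project; the config paths and the baseline location are assumptions. It records SHA-256 digests of `grub.cfg` on a known-good system and reports any later change.

```shell
#!/bin/sh
# Added example: change detection for the unsigned GRUB2 configuration file.
# Config paths and baseline location below are assumptions; adjust per system.
CFGS="/boot/grub/grub.cfg /boot/grub2/grub.cfg /boot/efi/EFI/*/grub.cfg"
BASELINE=${BASELINE:-/var/lib/grubcfg.sha256}

# Write a fresh baseline ("<sha256>  <path>" per line) for every config that exists.
cfg_baseline() {    # usage: cfg_baseline <baseline> <config>...
    out=$1; shift
    : > "$out"
    for f in "$@"; do
        [ -f "$f" ] && sha256sum "$f" >> "$out"
    done
    return 0
}

# Compare one config against the baseline.
# Returns 0 unchanged, 1 changed, 2 file missing, 3 no baseline entry.
cfg_check() {       # usage: cfg_check <baseline> <config>
    base=$1; cfg=$2
    # Look up the recorded digest by exact path match.
    want=$(awk -v p="$cfg" '{ h = $1; sub(/^[0-9a-f]+  /, ""); if ($0 == p) print h }' \
        "$base" 2>/dev/null) || true
    [ -n "$want" ] || { echo "NO_BASELINE $cfg"; return 3; }
    [ -f "$cfg" ]  || { echo "MISSING $cfg"; return 2; }
    have=$(sha256sum "$cfg" | awk '{ print $1 }')
    if [ "$have" = "$want" ]; then
        echo "OK $cfg"; return 0
    fi
    echo "CHANGED $cfg"; return 1
}

# "init" records the baseline (run on a known-good system);
# "check" reports each baselined config and exits non-zero on any finding.
case "${1:-}" in
    init)  cfg_baseline "$BASELINE" $CFGS ;;
    check) rc=0
           for f in $CFGS; do
               out=$(cfg_check "$BASELINE" "$f"); s=$?
               # A location that was never baselined and does not exist is not in use.
               if [ "$s" -eq 3 ] && [ ! -e "$f" ]; then continue; fi
               echo "$out"
               [ "$s" -eq 0 ] || rc=1
           done
           exit "$rc" ;;
esac
```

Keeping the baseline file off the monitored host makes it harder for someone who can edit `grub.cfg` to also rewrite the recorded digest.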
What are the systems affected by BootHole vulnerability?
Even though the bug was found in GRUB, it does not mean that only Linux systems using GRUB are affected; Eclypsium explained that the vulnerability extends to Windows systems using Secure Boot with the standard Microsoft Third Party UEFI Certificate Authority.
“As a result, we believe that the majority of modern systems in use today, including servers and workstations, laptops and desktops, and a large number of Linux-based OT and IoT systems, are potentially affected by these vulnerabilities,” reported Eclypsium.
What is the need for a SecureBoot?
SecureBoot was built to ensure that a device uses only authorized boot loaders and firmware: each piece of code is verified against a valid cryptographic signature as needed during the boot process. However, Eclypsium uncovered a problem with how GRUB2 parses its configuration file, which allows unauthorized parties to bypass the signature check. With the bug, data can be written anywhere in memory.
Eclypsium notified Microsoft, Linux distributors Red Hat, Canonical/Ubuntu, Debian, SuSE, VMware, Citrix, computer original equipment manufacturers (OEMs) and software developers about the bug.